diff options
| author | David Sherret <dsherret@users.noreply.github.com> | 2024-06-06 23:37:53 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-06-06 23:37:53 -0400 |
| commit | 386d5c8310891c5dc9627abbf2374e60bb4e50d2 (patch) | |
| tree | 920367bb6e14a5d259a01765962e93ff991c1fa0 /cli | |
| parent | a17794d5cf0c8d1ecc624c490071e5b3a5856bc7 (diff) | |
refactor: remove `PermissionsContainer` in deno_runtime (#24119)
Also removes permissions being passed in for node resolution. It was
completely useless because we only checked it for reading package.json
files, but Deno reading package.json files for resolution is perfectly
fine.
My guess is this is also a perf improvement because Deno is doing less
work.
Diffstat (limited to 'cli')
33 files changed, 74 insertions, 144 deletions
diff --git a/cli/args/flags.rs b/cli/args/flags.rs index 03d19746a..711ec4c61 100644 --- a/cli/args/flags.rs +++ b/cli/args/flags.rs @@ -17,8 +17,8 @@ use deno_core::error::AnyError; use deno_core::resolve_url_or_path; use deno_core::url::Url; use deno_graph::GraphKind; -use deno_runtime::permissions::parse_sys_kind; -use deno_runtime::permissions::PermissionsOptions; +use deno_runtime::deno_permissions::parse_sys_kind; +use deno_runtime::deno_permissions::PermissionsOptions; use log::debug; use log::Level; use serde::Deserialize; diff --git a/cli/args/import_map.rs b/cli/args/import_map.rs index 767d0f770..2dc5a21d1 100644 --- a/cli/args/import_map.rs +++ b/cli/args/import_map.rs @@ -4,7 +4,7 @@ use deno_core::anyhow::Context; use deno_core::error::AnyError; use deno_core::serde_json; use deno_core::url::Url; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use import_map::ImportMap; use import_map::ImportMapDiagnostic; use log::warn; diff --git a/cli/args/mod.rs b/cli/args/mod.rs index d5e37acc8..742249835 100644 --- a/cli/args/mod.rs +++ b/cli/args/mod.rs @@ -47,13 +47,13 @@ use deno_core::parking_lot::Mutex; use deno_core::serde_json; use deno_core::url::Url; use deno_runtime::deno_node::PackageJson; +use deno_runtime::deno_permissions::PermissionsOptions; use deno_runtime::deno_tls::deno_native_certs::load_native_certs; use deno_runtime::deno_tls::rustls; use deno_runtime::deno_tls::rustls::RootCertStore; use deno_runtime::deno_tls::rustls_pemfile; use deno_runtime::deno_tls::webpki_roots; use deno_runtime::inspector_server::InspectorServer; -use deno_runtime::permissions::PermissionsOptions; use deno_terminal::colors; use dotenvy::from_filename; use once_cell::sync::Lazy; diff --git a/cli/cache/mod.rs b/cli/cache/mod.rs index aaaa427d7..a8c60e97a 100644 --- a/cli/cache/mod.rs +++ b/cli/cache/mod.rs @@ -17,7 +17,7 @@ use deno_graph::source::CacheInfo; use deno_graph::source::LoadFuture; use deno_graph::source::LoadResponse; use deno_graph::source::Loader; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use std::collections::HashMap; use std::path::Path; use std::path::PathBuf; diff --git a/cli/file_fetcher.rs b/cli/file_fetcher.rs index 0e0589d34..19acf2e2b 100644 --- a/cli/file_fetcher.rs +++ b/cli/file_fetcher.rs @@ -22,8 +22,8 @@ use deno_core::url::Url; use deno_core::ModuleSpecifier; use deno_graph::source::LoaderChecksum; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::deno_web::BlobStore; -use deno_runtime::permissions::PermissionsContainer; use log::debug; use std::borrow::Cow; use std::collections::HashMap; diff --git a/cli/graph_container.rs b/cli/graph_container.rs index ec18ffaab..40ccda9b2 100644 --- a/cli/graph_container.rs +++ b/cli/graph_container.rs @@ -8,7 +8,7 @@ use deno_core::parking_lot::RwLock; use deno_core::resolve_url_or_path; use deno_graph::ModuleGraph; use deno_runtime::colors; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use crate::args::CliOptions; use crate::module_loader::ModuleLoadPreparer; diff --git a/cli/graph_util.rs b/cli/graph_util.rs index 5e587b0d4..502702b07 100644 --- a/cli/graph_util.rs +++ b/cli/graph_util.rs @@ -41,7 +41,7 @@ use deno_graph::ResolutionError; use deno_graph::SpecifierError; use deno_runtime::deno_fs::FileSystem; use deno_runtime::deno_node; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_semver::package::PackageNv; use deno_semver::package::PackageReq; use import_map::ImportMapError; diff --git a/cli/jsr.rs b/cli/jsr.rs index af0ace404..e582ab9f0 100644 --- a/cli/jsr.rs +++ b/cli/jsr.rs @@ -10,7 +10,7 @@ use deno_core::ModuleSpecifier; use deno_graph::packages::JsrPackageInfo; use deno_graph::packages::JsrPackageVersionInfo; use deno_lockfile::Lockfile; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_semver::jsr::JsrPackageReqReference; use deno_semver::package::PackageNv; use deno_semver::package::PackageReq; diff --git a/cli/lsp/config.rs b/cli/lsp/config.rs index 449051931..f03388895 100644 --- a/cli/lsp/config.rs +++ b/cli/lsp/config.rs @@ -29,8 +29,8 @@ use deno_lint::linter::LintConfig; use deno_lockfile::Lockfile; use deno_npm::npm_rc::ResolvedNpmRc; use deno_runtime::deno_node::PackageJson; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::fs_util::specifier_to_file_path; -use deno_runtime::permissions::PermissionsContainer; use import_map::ImportMap; use lsp::Url; use lsp_types::ClientCapabilities; diff --git a/cli/lsp/jsr.rs b/cli/lsp/jsr.rs index a7b2f46ac..27db4b0c8 100644 --- a/cli/lsp/jsr.rs +++ b/cli/lsp/jsr.rs @@ -7,7 +7,7 @@ use dashmap::DashMap; use deno_core::anyhow::anyhow; use deno_core::error::AnyError; use deno_core::serde_json; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_semver::package::PackageNv; use deno_semver::Version; use serde::Deserialize; diff --git a/cli/lsp/npm.rs b/cli/lsp/npm.rs index d051237fb..e5aa33744 100644 --- a/cli/lsp/npm.rs +++ b/cli/lsp/npm.rs @@ -4,7 +4,7 @@ use dashmap::DashMap; use deno_core::anyhow::anyhow; use deno_core::error::AnyError; use deno_core::serde_json; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_semver::package::PackageNv; use deno_semver::Version; use serde::Deserialize; diff --git a/cli/lsp/registries.rs b/cli/lsp/registries.rs index 9a0ad6ddd..e194c6110 100644 --- a/cli/lsp/registries.rs +++ b/cli/lsp/registries.rs @@ -30,7 +30,7 @@ use deno_core::url::Position; use deno_core::url::Url; use deno_core::ModuleSpecifier; use deno_graph::Dependency; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use log::error; use once_cell::sync::Lazy; use std::collections::HashMap; diff --git a/cli/lsp/resolver.rs b/cli/lsp/resolver.rs index 2b465f695..348eae76f 100644 --- a/cli/lsp/resolver.rs +++ b/cli/lsp/resolver.rs @@ -38,7 +38,6 @@ use deno_runtime::deno_node::NodeResolutionMode; use deno_runtime::deno_node::NodeResolver; use deno_runtime::deno_node::PackageJson; use deno_runtime::fs_util::specifier_to_file_path; -use deno_runtime::permissions::PermissionsContainer; use deno_semver::jsr::JsrPackageReqReference; use deno_semver::npm::NpmPackageReqReference; use deno_semver::package::PackageNv; @@ -247,12 +246,7 @@ impl LspResolver { let node_resolver = self.node_resolver.as_ref()?; Some(NodeResolution::into_specifier_and_media_type( node_resolver - .resolve_req_reference( - req_ref, - &PermissionsContainer::allow_all(), - referrer, - NodeResolutionMode::Types, - ) + .resolve_req_reference(req_ref, referrer, NodeResolutionMode::Types) .ok(), )) } @@ -282,8 +276,10 @@ impl LspResolver { let Some(node_resolver) = self.node_resolver.as_ref() else { return Ok(None); }; - node_resolver - .get_closest_package_json(referrer, &PermissionsContainer::allow_all()) + node_resolver.get_closest_package_json( + referrer, + &mut deno_runtime::deno_node::AllowAllNodePermissions, + ) } pub fn resolve_redirects( diff --git a/cli/lsp/testing/execution.rs b/cli/lsp/testing/execution.rs index f56f5010f..6393c8642 100644 --- a/cli/lsp/testing/execution.rs +++ b/cli/lsp/testing/execution.rs @@ -26,7 +26,7 @@ use deno_core::parking_lot::RwLock; use deno_core::unsync::spawn; use deno_core::unsync::spawn_blocking; use deno_core::ModuleSpecifier; -use deno_runtime::permissions::Permissions; +use deno_runtime::deno_permissions::Permissions; use deno_runtime::tokio_util::create_and_run_current_thread; use indexmap::IndexMap; use std::collections::HashMap; diff --git a/cli/main.rs b/cli/main.rs index e8bea9f54..f20ca17ff 100644 --- a/cli/main.rs +++ b/cli/main.rs @@ -318,7 +318,7 @@ pub fn main() { util::windows::ensure_stdio_open(); #[cfg(windows)] colors::enable_ansi(); // For Windows 10 - deno_runtime::permissions::set_prompt_callbacks( + deno_runtime::deno_permissions::set_prompt_callbacks( Box::new(util::draw_thread::DrawThread::hide), Box::new(util::draw_thread::DrawThread::show), ); diff --git a/cli/module_loader.rs b/cli/module_loader.rs index c134f80e1..5bcc22c06 100644 --- a/cli/module_loader.rs +++ b/cli/module_loader.rs @@ -68,7 +68,7 @@ use deno_graph::Resolution; use deno_lockfile::Lockfile; use deno_runtime::code_cache; use deno_runtime::deno_node::NodeResolutionMode; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_semver::npm::NpmPackageReqReference; pub async fn load_top_level_deps(factory: &CliFactory) -> Result<(), AnyError> { @@ -104,7 +104,7 @@ pub async fn load_top_level_deps(factory: &CliFactory) -> Result<(), AnyError> { &roots, false, factory.cli_options().ts_type_lib_window(), - deno_runtime::permissions::PermissionsContainer::allow_all(), + deno_runtime::deno_permissions::PermissionsContainer::allow_all(), ) .await?; } @@ -348,18 +348,12 @@ impl<TGraphContainer: ModuleGraphContainer> &self, specifier: &ModuleSpecifier, maybe_referrer: Option<&ModuleSpecifier>, - is_dynamic: bool, requested_module_type: RequestedModuleType, ) -> Result<ModuleSource, AnyError> { - let permissions = if is_dynamic { - &self.dynamic_permissions - } else { - &self.root_permissions - }; let code_source = if let Some(result) = self .shared .npm_module_loader - .load_if_in_npm_package(specifier, maybe_referrer, permissions) + .load_if_in_npm_package(specifier, maybe_referrer) .await { result? @@ -448,19 +442,11 @@ impl<TGraphContainer: ModuleGraphContainer> &self, specifier: &str, referrer: &ModuleSpecifier, - kind: ResolutionKind, ) -> Result<ModuleSpecifier, AnyError> { - let permissions = if matches!(kind, ResolutionKind::DynamicImport) { - &self.dynamic_permissions - } else { - &self.root_permissions - }; - if let Some(result) = self.shared.node_resolver.resolve_if_in_npm_package( specifier, referrer, NodeResolutionMode::Execution, - permissions, ) { return match result? { Some(res) => Ok(res.into_url()), @@ -505,7 +491,6 @@ impl<TGraphContainer: ModuleGraphContainer> .node_resolver .resolve_req_reference( &reference, - permissions, referrer, NodeResolutionMode::Execution, ) @@ -530,7 +515,6 @@ impl<TGraphContainer: ModuleGraphContainer> module.nv_reference.sub_path(), referrer, NodeResolutionMode::Execution, - permissions, ) .with_context(|| { format!("Could not resolve '{}'.", module.nv_reference) @@ -720,7 +704,7 @@ impl<TGraphContainer: ModuleGraphContainer> ModuleLoader &self, specifier: &str, referrer: &str, - kind: ResolutionKind, + _kind: ResolutionKind, ) -> Result<ModuleSpecifier, AnyError> { fn ensure_not_jsr_non_jsr_remote_import( specifier: &ModuleSpecifier, @@ -736,7 +720,7 @@ impl<TGraphContainer: ModuleGraphContainer> ModuleLoader } let referrer = self.0.resolve_referrer(referrer)?; - let specifier = self.0.inner_resolve(specifier, &referrer, kind)?; + let specifier = self.0.inner_resolve(specifier, &referrer)?; ensure_not_jsr_non_jsr_remote_import(&specifier, &referrer)?; Ok(specifier) } @@ -745,7 +729,7 @@ impl<TGraphContainer: ModuleGraphContainer> ModuleLoader &self, specifier: &ModuleSpecifier, maybe_referrer: Option<&ModuleSpecifier>, - is_dynamic: bool, + _is_dynamic: bool, requested_module_type: RequestedModuleType, ) -> deno_core::ModuleLoadResponse { let inner = self.0.clone(); @@ -757,7 +741,6 @@ impl<TGraphContainer: ModuleGraphContainer> ModuleLoader .load_inner( &specifier, maybe_referrer.as_ref(), - is_dynamic, requested_module_type, ) .await diff --git a/cli/npm/byonm.rs b/cli/npm/byonm.rs index 931745537..bfb9bed7f 100644 --- a/cli/npm/byonm.rs +++ b/cli/npm/byonm.rs @@ -160,7 +160,7 @@ impl NpmResolver for ByonmCliNpmResolver { fn ensure_read_permission( &self, - permissions: &dyn NodePermissions, + permissions: &mut dyn NodePermissions, path: &Path, ) -> Result<(), AnyError> { if !path diff --git a/cli/npm/managed/mod.rs b/cli/npm/managed/mod.rs index 6a2dfdd67..2298ea9bd 100644 --- a/cli/npm/managed/mod.rs +++ b/cli/npm/managed/mod.rs @@ -550,7 +550,7 @@ impl NpmResolver for ManagedCliNpmResolver { fn ensure_read_permission( &self, - permissions: &dyn NodePermissions, + permissions: &mut dyn NodePermissions, path: &Path, ) -> Result<(), AnyError> { self.fs_resolver.ensure_read_permission(permissions, path) diff --git a/cli/npm/managed/resolvers/common.rs b/cli/npm/managed/resolvers/common.rs index 5003e6a05..767b3f9c6 100644 --- a/cli/npm/managed/resolvers/common.rs +++ b/cli/npm/managed/resolvers/common.rs @@ -53,7 +53,7 @@ pub trait NpmPackageFsResolver: Send + Sync { fn ensure_read_permission( &self, - permissions: &dyn NodePermissions, + permissions: &mut dyn NodePermissions, path: &Path, ) -> Result<(), AnyError>; } @@ -76,7 +76,7 @@ impl RegistryReadPermissionChecker { pub fn ensure_registry_read_permission( &self, - permissions: &dyn NodePermissions, + permissions: &mut dyn NodePermissions, path: &Path, ) -> Result<(), AnyError> { // allow reading if it's in the node_modules diff --git a/cli/npm/managed/resolvers/global.rs b/cli/npm/managed/resolvers/global.rs index 05c2472cf..bfd2f4de3 100644 --- a/cli/npm/managed/resolvers/global.rs +++ b/cli/npm/managed/resolvers/global.rs @@ -146,7 +146,7 @@ impl NpmPackageFsResolver for GlobalNpmPackageResolver { fn ensure_read_permission( &self, - permissions: &dyn NodePermissions, + permissions: &mut dyn NodePermissions, path: &Path, ) -> Result<(), AnyError> { self diff --git a/cli/npm/managed/resolvers/local.rs b/cli/npm/managed/resolvers/local.rs index c64aacc39..4243d04f2 100644 --- a/cli/npm/managed/resolvers/local.rs +++ b/cli/npm/managed/resolvers/local.rs @@ -243,7 +243,7 @@ impl NpmPackageFsResolver for LocalNpmPackageResolver { fn ensure_read_permission( &self, - permissions: &dyn NodePermissions, + permissions: &mut dyn NodePermissions, path: &Path, ) -> Result<(), AnyError> { self diff --git a/cli/npm/mod.rs b/cli/npm/mod.rs index ef230372f..8d801744b 100644 --- a/cli/npm/mod.rs +++ b/cli/npm/mod.rs @@ -14,7 +14,7 @@ use deno_core::error::AnyError; use deno_core::serde_json; use deno_npm::registry::NpmPackageInfo; use deno_runtime::deno_node::NpmResolver; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_semver::package::PackageNv; use deno_semver::package::PackageReq; diff --git a/cli/ops/bench.rs b/cli/ops/bench.rs index 2c8c63ed6..5521253ff 100644 --- a/cli/ops/bench.rs +++ b/cli/ops/bench.rs @@ -11,9 +11,9 @@ use deno_core::op2; use deno_core::v8; use deno_core::ModuleSpecifier; use deno_core::OpState; -use deno_runtime::permissions::create_child_permissions; -use deno_runtime::permissions::ChildPermissionsArg; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::create_child_permissions; +use deno_runtime::deno_permissions::ChildPermissionsArg; +use deno_runtime::deno_permissions::PermissionsContainer; use tokio::sync::mpsc::UnboundedSender; use uuid::Uuid; @@ -61,7 +61,7 @@ pub fn op_pledge_test_permissions( let token = Uuid::new_v4(); let parent_permissions = state.borrow_mut::<PermissionsContainer>(); let worker_permissions = { - let mut parent_permissions = parent_permissions.0 .0.lock(); + let mut parent_permissions = parent_permissions.0.lock(); let perms = create_child_permissions(&mut parent_permissions, args)?; PermissionsContainer::new(perms) }; diff --git a/cli/ops/testing.rs b/cli/ops/testing.rs index 6025b9917..b63a72947 100644 --- a/cli/ops/testing.rs +++ b/cli/ops/testing.rs @@ -16,9 +16,9 @@ use deno_core::op2; use deno_core::v8; use deno_core::ModuleSpecifier; use deno_core::OpState; -use deno_runtime::permissions::create_child_permissions; -use deno_runtime::permissions::ChildPermissionsArg; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::create_child_permissions; +use deno_runtime::deno_permissions::ChildPermissionsArg; +use deno_runtime::deno_permissions::PermissionsContainer; use serde::Serialize; use std::sync::atomic::AtomicUsize; use std::sync::atomic::Ordering; @@ -57,7 +57,7 @@ pub fn op_pledge_test_permissions( let token = Uuid::new_v4(); let parent_permissions = state.borrow_mut::<PermissionsContainer>(); let worker_permissions = { - let mut parent_permissions = parent_permissions.0 .0.lock(); + let mut parent_permissions = parent_permissions.0.lock(); let perms = create_child_permissions(&mut parent_permissions, args)?; PermissionsContainer::new(perms) }; diff --git a/cli/resolver.rs b/cli/resolver.rs index a28dfce91..301cd0666 100644 --- a/cli/resolver.rs +++ b/cli/resolver.rs @@ -30,7 +30,6 @@ use deno_runtime::deno_node::NodeResolver; use deno_runtime::deno_node::NpmResolver as DenoNodeNpmResolver; use deno_runtime::deno_node::PackageJson; use deno_runtime::fs_util::specifier_to_file_path; -use deno_runtime::permissions::PermissionsContainer; use deno_semver::npm::NpmPackageReqReference; use deno_semver::package::PackageReq; use import_map::ImportMap; @@ -100,7 +99,7 @@ impl CliNodeResolver { pub fn get_closest_package_json( &self, referrer: &ModuleSpecifier, - permissions: &dyn NodePermissions, + permissions: &mut dyn NodePermissions, ) -> Result<Option<Rc<PackageJson>>, AnyError> { self .node_resolver @@ -112,11 +111,10 @@ impl CliNodeResolver { specifier: &str, referrer: &ModuleSpecifier, mode: NodeResolutionMode, - permissions: &PermissionsContainer, ) -> Option<Result<Option<NodeResolution>, AnyError>> { if self.in_npm_package(referrer) { // we're in an npm package, so use node resolution - Some(self.resolve(specifier, referrer, mode, permissions)) + Some(self.resolve(specifier, referrer, mode)) } else { None } @@ -127,20 +125,15 @@ impl CliNodeResolver { specifier: &str, referrer: &ModuleSpecifier, mode: NodeResolutionMode, - permissions: &PermissionsContainer, ) -> Result<Option<NodeResolution>, AnyError> { - self.handle_node_resolve_result(self.node_resolver.resolve( - specifier, - referrer, - mode, - permissions, - )) + self.handle_node_resolve_result( + self.node_resolver.resolve(specifier, referrer, mode), + ) } pub fn resolve_req_reference( &self, req_ref: &NpmPackageReqReference, - permissions: &PermissionsContainer, referrer: &ModuleSpecifier, mode: NodeResolutionMode, ) -> Result<NodeResolution, AnyError> { @@ -152,7 +145,6 @@ impl CliNodeResolver { req_ref.sub_path(), referrer, mode, - permissions, )?; match maybe_resolution { Some(resolution) => Ok(resolution), @@ -181,7 +173,6 @@ impl CliNodeResolver { sub_path: Option<&str>, referrer: &ModuleSpecifier, mode: NodeResolutionMode, - permissions: &PermissionsContainer, ) -> Result<Option<NodeResolution>, AnyError> { self.handle_node_resolve_result( self.node_resolver.resolve_package_subpath_from_deno_module( @@ -189,7 +180,6 @@ impl CliNodeResolver { sub_path, referrer, mode, - permissions, ), ) } @@ -278,10 +268,9 @@ impl NpmModuleLoader { &self, specifier: &ModuleSpecifier, maybe_referrer: Option<&ModuleSpecifier>, - permissions: &PermissionsContainer, ) -> Option<Result<ModuleCodeStringSource, AnyError>> { if self.node_resolver.in_npm_package(specifier) { - Some(self.load(specifier, maybe_referrer, permissions).await) + Some(self.load(specifier, maybe_referrer).await) } else { None } @@ -291,7 +280,6 @@ impl NpmModuleLoader { &self, specifier: &ModuleSpecifier, maybe_referrer: Option<&ModuleSpecifier>, - permissions: &PermissionsContainer, ) -> Result<ModuleCodeStringSource, AnyError> { let file_path = specifier.to_file_path().unwrap(); let code = self @@ -336,7 +324,7 @@ impl NpmModuleLoader { ModuleSourceCode::String( self .node_code_translator - .translate_cjs_to_esm(specifier, Some(code), permissions) + .translate_cjs_to_esm(specifier, Some(code)) .await? .into(), ) @@ -638,12 +626,7 @@ impl Resolver for CliGraphResolver { { let node_resolver = self.node_resolver.as_ref().unwrap(); return node_resolver - .resolve_req_reference( - &npm_req_ref, - &PermissionsContainer::allow_all(), - referrer, - to_node_mode(mode), - ) + .resolve_req_reference(&npm_req_ref, referrer, to_node_mode(mode)) .map(|res| res.into_url()) .map_err(|err| err.into()); } @@ -651,12 +634,8 @@ impl Resolver for CliGraphResolver { Err(_) => { if referrer.scheme() == "file" { if let Some(node_resolver) = &self.node_resolver { - let node_result = node_resolver.resolve( - specifier, - referrer, - to_node_mode(mode), - &PermissionsContainer::allow_all(), - ); + let node_result = + node_resolver.resolve(specifier, referrer, to_node_mode(mode)); match node_result { Ok(Some(res)) => { return Ok(res.into_url()); @@ -694,7 +673,6 @@ impl Resolver for CliGraphResolver { specifier, referrer, to_node_mode(mode), - &PermissionsContainer::allow_all(), ); if let Some(Ok(Some(res))) = node_result { return Ok(res.into_url()); diff --git a/cli/standalone/mod.rs b/cli/standalone/mod.rs index 5e8c5c0b6..91e524dda 100644 --- a/cli/standalone/mod.rs +++ b/cli/standalone/mod.rs @@ -53,10 +53,10 @@ use deno_runtime::deno_fs; use deno_runtime::deno_node::analyze::NodeCodeTranslator; use deno_runtime::deno_node::NodeResolutionMode; use deno_runtime::deno_node::NodeResolver; +use deno_runtime::deno_permissions::Permissions; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::deno_tls::rustls::RootCertStore; use deno_runtime::deno_tls::RootCertStoreProvider; -use deno_runtime::permissions::Permissions; -use deno_runtime::permissions::PermissionsContainer; use deno_runtime::WorkerExecutionMode; use deno_runtime::WorkerLogLevel; use deno_semver::npm::NpmPackageReqReference; @@ -112,16 +112,10 @@ impl ModuleLoader for EmbeddedModuleLoader { })? }; - let permissions = if matches!(kind, ResolutionKind::DynamicImport) { - &self.dynamic_permissions - } else { - &self.root_permissions - }; if let Some(result) = self.shared.node_resolver.resolve_if_in_npm_package( specifier, &referrer, NodeResolutionMode::Execution, - permissions, ) { return match result? { Some(res) => Ok(res.into_url()), @@ -146,7 +140,6 @@ impl ModuleLoader for EmbeddedModuleLoader { .node_resolver .resolve_req_reference( &reference, - permissions, &referrer, NodeResolutionMode::Execution, ) @@ -174,7 +167,7 @@ impl ModuleLoader for EmbeddedModuleLoader { &self, original_specifier: &ModuleSpecifier, maybe_referrer: Option<&ModuleSpecifier>, - is_dynamic: bool, + _is_dynamic: bool, _requested_module_type: RequestedModuleType, ) -> deno_core::ModuleLoadResponse { if original_specifier.scheme() == "data" { @@ -203,15 +196,10 @@ impl ModuleLoader for EmbeddedModuleLoader { let npm_module_loader = self.shared.npm_module_loader.clone(); let original_specifier = original_specifier.clone(); let maybe_referrer = maybe_referrer.cloned(); - let permissions = if is_dynamic { - self.dynamic_permissions.clone() - } else { - self.root_permissions.clone() - }; return deno_core::ModuleLoadResponse::Async( async move { let code_source = npm_module_loader - .load(&original_specifier, maybe_referrer.as_ref(), &permissions) + .load(&original_specifier, maybe_referrer.as_ref()) .await?; Ok(deno_core::ModuleSource::new_with_redirect( match code_source.media_type { diff --git a/cli/tools/bench/mod.rs b/cli/tools/bench/mod.rs index a6c8d3e16..0378d6ae2 100644 --- a/cli/tools/bench/mod.rs +++ b/cli/tools/bench/mod.rs @@ -31,8 +31,8 @@ use deno_core::unsync::spawn_blocking; use deno_core::v8; use deno_core::ModuleSpecifier; use deno_core::PollEventLoopOptions; -use deno_runtime::permissions::Permissions; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::Permissions; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::tokio_util::create_and_run_current_thread; use deno_runtime::WorkerExecutionMode; use indexmap::IndexMap; diff --git a/cli/tools/jupyter/mod.rs b/cli/tools/jupyter/mod.rs index 4b5009ba7..3b0892843 100644 --- a/cli/tools/jupyter/mod.rs +++ b/cli/tools/jupyter/mod.rs @@ -18,8 +18,8 @@ use deno_core::serde_json; use deno_core::url::Url; use deno_runtime::deno_io::Stdio; use deno_runtime::deno_io::StdioPipe; -use deno_runtime::permissions::Permissions; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::Permissions; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::WorkerExecutionMode; use deno_terminal::colors; diff --git a/cli/tools/repl/mod.rs b/cli/tools/repl/mod.rs index c29e29e71..db1d75dad 100644 --- a/cli/tools/repl/mod.rs +++ b/cli/tools/repl/mod.rs @@ -13,8 +13,8 @@ use deno_core::error::AnyError; use deno_core::futures::StreamExt; use deno_core::serde_json; use deno_core::unsync::spawn_blocking; -use deno_runtime::permissions::Permissions; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::Permissions; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::WorkerExecutionMode; use rustyline::error::ReadlineError; diff --git a/cli/tools/run/mod.rs b/cli/tools/run/mod.rs index 82dcae711..f70cfd066 100644 --- a/cli/tools/run/mod.rs +++ b/cli/tools/run/mod.rs @@ -3,8 +3,8 @@ use std::io::Read; use deno_core::error::AnyError; -use deno_runtime::permissions::Permissions; -use deno_runtime::permissions::PermissionsContainer; +use deno_runtime::deno_permissions::Permissions; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::WorkerExecutionMode; use crate::args::EvalFlags; diff --git a/cli/tools/test/mod.rs b/cli/tools/test/mod.rs index 06ff39abe..7416b5a26 100644 --- a/cli/tools/test/mod.rs +++ b/cli/tools/test/mod.rs @@ -54,9 +54,9 @@ use deno_core::OpState; use deno_core::PollEventLoopOptions; use deno_runtime::deno_io::Stdio; use deno_runtime::deno_io::StdioPipe; +use deno_runtime::deno_permissions::Permissions; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::fmt_errors::format_js_error; -use deno_runtime::permissions::Permissions; -use deno_runtime::permissions::PermissionsContainer; use deno_runtime::tokio_util::create_and_run_current_thread; use deno_runtime::worker::MainWorker; use deno_runtime::WorkerExecutionMode; diff --git a/cli/tsc/mod.rs b/cli/tsc/mod.rs index c5365628d..de4c05e27 100644 --- a/cli/tsc/mod.rs +++ b/cli/tsc/mod.rs @@ -33,7 +33,6 @@ use deno_graph::ResolutionResolved; use deno_runtime::deno_node::NodeResolution; use deno_runtime::deno_node::NodeResolutionMode; use deno_runtime::deno_node::NodeResolver; -use deno_runtime::permissions::PermissionsContainer; use deno_semver::npm::NpmPackageReqReference; use lsp_types::Url; use once_cell::sync::Lazy; @@ -742,7 +741,6 @@ fn resolve_graph_specifier_types( module.nv_reference.sub_path(), referrer, NodeResolutionMode::Types, - &PermissionsContainer::allow_all(), )?; Ok(Some(NodeResolution::into_specifier_and_media_type( maybe_resolution, @@ -779,12 +777,7 @@ fn resolve_non_graph_specifier_types( // we're in an npm package, so use node resolution Ok(Some(NodeResolution::into_specifier_and_media_type( node_resolver - .resolve( - specifier, - referrer, - NodeResolutionMode::Types, - &PermissionsContainer::allow_all(), - ) + .resolve(specifier, referrer, NodeResolutionMode::Types) .ok() .flatten(), ))) @@ -802,7 +795,6 @@ fn resolve_non_graph_specifier_types( npm_req_ref.sub_path(), referrer, NodeResolutionMode::Types, - &PermissionsContainer::allow_all(), )?; Ok(Some(NodeResolution::into_specifier_and_media_type( maybe_resolution, diff --git a/cli/worker.rs b/cli/worker.rs index 7efa84369..cb52b6101 100644 --- a/cli/worker.rs +++ b/cli/worker.rs @@ -28,12 +28,12 @@ use deno_runtime::deno_node; use deno_runtime::deno_node::NodeResolution; use deno_runtime::deno_node::NodeResolutionMode; use deno_runtime::deno_node::NodeResolver; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::deno_tls::RootCertStoreProvider; use deno_runtime::deno_web::BlobStore; use deno_runtime::fmt_errors::format_js_error; use deno_runtime::inspector_server::InspectorServer; use deno_runtime::ops::worker_host::CreateWebWorkerCb; -use deno_runtime::permissions::PermissionsContainer; use deno_runtime::web_worker::WebWorker; use deno_runtime::web_worker::WebWorkerOptions; use deno_runtime::worker::MainWorker; @@ -522,11 +522,8 @@ impl CliMainWorkerFactory { package_ref.req(), &referrer, )?; - let node_resolution = self.resolve_binary_entrypoint( - &package_folder, - package_ref.sub_path(), - &permissions, - )?; + let node_resolution = self + .resolve_binary_entrypoint(&package_folder, package_ref.sub_path())?; let is_main_cjs = matches!(node_resolution, NodeResolution::CommonJs(_)); if let Some(lockfile) = &shared.maybe_lockfile { @@ -636,6 +633,7 @@ impl CliMainWorkerFactory { strace_ops: shared.options.strace_ops.clone(), module_loader, fs: shared.fs.clone(), + node_resolver: Some(shared.node_resolver.clone()), npm_resolver: Some(shared.npm_resolver.clone().into_npm_resolver()), get_error_class_fn: Some(&errors::get_error_class_name), cache_storage_dir, @@ -687,7 +685,6 @@ impl CliMainWorkerFactory { &self, package_folder: &Path, sub_path: Option<&str>, - permissions: &PermissionsContainer, ) -> Result<NodeResolution, AnyError> { match self .shared @@ -697,11 +694,8 @@ impl CliMainWorkerFactory { Ok(node_resolution) => Ok(node_resolution), Err(original_err) => { // if the binary entrypoint was not found, fallback to regular node resolution - let result = self.resolve_binary_entrypoint_fallback( - package_folder, - sub_path, - permissions, - ); + let result = + self.resolve_binary_entrypoint_fallback(package_folder, sub_path); match result { Ok(Some(resolution)) => Ok(resolution), Ok(None) => Err(original_err), @@ -718,7 +712,6 @@ impl CliMainWorkerFactory { &self, package_folder: &Path, sub_path: Option<&str>, - permissions: &PermissionsContainer, ) -> Result<Option<NodeResolution>, AnyError> { // only fallback if the user specified a sub path if sub_path.is_none() { @@ -739,7 +732,6 @@ impl CliMainWorkerFactory { sub_path, &referrer, NodeResolutionMode::Execution, - permissions, )? else { return Ok(None); @@ -843,6 +835,7 @@ fn create_web_worker_callback( source_map_getter, module_loader, fs: shared.fs.clone(), + node_resolver: Some(shared.node_resolver.clone()), npm_resolver: Some(shared.npm_resolver.clone().into_npm_resolver()), worker_type: args.worker_type, maybe_inspector_server, @@ -877,7 +870,7 @@ fn create_web_worker_callback( mod tests { use super::*; use deno_core::resolve_path; - use deno_runtime::permissions::Permissions; + use deno_runtime::deno_permissions::Permissions; fn create_test_worker() -> MainWorker { let main_module = |